Certain NETGEAR routers allow authenticated administrators to gain unintended control...

4.9 / 10

MEDIUM

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/V:D/RE:L/U:Amber

Description

Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.

Basic Information

ID CVE-2026-9210

Source NETGEAR

Published Jun 9, 2026 at 15:50

Affected Product

Vendor NETGEAR

Product EX3700

Affected Versions NETGEAR EX3700 0
NETGEAR EX3800 0
NETGEAR EX6120 0
NETGEAR EX6130 0
NETGEAR MR60 0
NETGEAR MR70 0
NETGEAR MR80 0
NETGEAR MS60 0
NETGEAR MS70 0
NETGEAR MS80 0
NETGEAR R6400v2 0
NETGEAR R6700v3 0
NETGEAR R6900P 0
NETGEAR R7000 0
NETGEAR R7000P 0
NETGEAR R7960P 0
NETGEAR R8000P 0
NETGEAR R8500 0
NETGEAR RAX20 0
NETGEAR RAX35v2 0
NETGEAR RAX40v2 0
NETGEAR RAX41 0
NETGEAR RAX42 0
NETGEAR RAX43 0
NETGEAR RAX45 0
NETGEAR RAX48 0
NETGEAR RAX50 0
NETGEAR RAX50S 0
NETGEAR RAXE450 0
NETGEAR RAXE500 0
NETGEAR XR1000 0

CWE Classification

CWE-20

References

{
    "lastseen": "",
    "description": "Insufficient input validation vulnerability in the\u00a0listed NETGEAR models allows\u00a0authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.",
    "published": "2026-06-09T15:50:48.947Z",
    "modified": "2026-06-09T15:50:48.947Z",
    "type": "cve",
    "title": "Certain NETGEAR routers allow authenticated administrators to gain unintended control of the router",
    "source": "NETGEAR",
    "references": "https://www.netgear.com/support/product/ex3700/\nhttps://www.netgear.com/support/product/ex3800/\nhttps://www.netgear.com/support/product/ex6120/\nhttps://www.netgear.com/support/product/mr60/\nhttps://www.netgear.com/support/product/ex6130/\nhttps://www.netgear.com/support/product/ms70/\nhttps://www.netgear.com/support/product/ms60/\nhttps://www.netgear.com/support/product/mr80/\nhttps://www.netgear.com/support/product/ms80/\nhttps://www.netgear.com/support/product/mr70/\nhttps://www.netgear.com/support/product/r6400v2/\nhttps://www.netgear.com/support/product/r6700v3/\nhttps://www.netgear.com/support/product/r6900p/\nhttps://www.netgear.com/support/product/r7960p/\nhttps://www.netgear.com/support/product/r7000p/\nhttps://www.netgear.com/support/product/r8000p/\nhttps://www.netgear.com/support/product/r8500/\nhttps://www.netgear.com/support/product/rax48/\nhttps://www.netgear.com/support/product/r7000/\nhttps://www.netgear.com/support/product/rax40v2/\nhttps://www.netgear.com/support/product/rax20/\nhttps://www.netgear.com/support/product/rax35v2/\nhttps://www.netgear.com/support/product/rax41/\nhttps://www.netgear.com/support/product/rax42/\nhttps://www.netgear.com/support/product/rax45/\nhttps://www.netgear.com/support/product/rax50/\nhttps://www.netgear.com/support/product/rax43/\nhttps://www.netgear.com/support/product/rax50s/\nhttps://www.netgear.com/support/product/raxe450/\nhttps://www.netgear.com/support/product/raxe500/\nhttps://www.netgear.com/support/product/xr1000/",
    "id": "CVE-2026-9210",
    "bulletinFamily": "",
    "cwe": [
        "CWE-20"
    ],
    "cvelist": null,
    "sourceData": "NETGEAR EX3700 0\nNETGEAR EX3800 0\nNETGEAR EX6120 0\nNETGEAR EX6130 0\nNETGEAR MR60 0\nNETGEAR MR70 0\nNETGEAR MR80 0\nNETGEAR MS60 0\nNETGEAR MS70 0\nNETGEAR MS80 0\nNETGEAR R6400v2 0\nNETGEAR R6700v3 0\nNETGEAR R6900P 0\nNETGEAR R7000 0\nNETGEAR R7000P 0\nNETGEAR R7960P 0\nNETGEAR R8000P 0\nNETGEAR R8500 0\nNETGEAR RAX20 0\nNETGEAR RAX35v2 0\nNETGEAR RAX40v2 0\nNETGEAR RAX41 0\nNETGEAR RAX42 0\nNETGEAR RAX43 0\nNETGEAR RAX45 0\nNETGEAR RAX48 0\nNETGEAR RAX50 0\nNETGEAR RAX50S 0\nNETGEAR RAXE450 0\nNETGEAR RAXE500 0\nNETGEAR XR1000 0",
    "sourceHref": "",
    "cvss": {
        "score": 4.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/V:D/RE:L/U:Amber",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "EX3700",
    "version": "0",
    "vendor": "NETGEAR",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Certain NETGEAR routers allow authenticated administrators to gain unintended control of the router_CVE-2026-9210